PI 3.6 Simplified PUSH Token

Part of the PI 3.6 release announcement mentions that you’ve simplified PUSH tokens to work with SMS. We are interested in testing this, but I don’t see any mention of this alternate method in the documentation. How do you configure this alternate method?

Also, the announcement mentions that you’d have to expose PI to the internet. Would it be possible/beneficial to setup an additional PI server that proxies these SMS authentication requests to the internal PI server?

There is a misunderstanding: The simplified push token does not work with SMS. How did you get this?
It works without firbase, but the smartphone app is polling the challenges from the privacyIDEA server.
I know, it sounds a bit funny that a “push” token type works by “polling”. Anyways.

You are right, the smartphone app needs to be able to reach the privacyIDEA server.

Yes, you can set up an additional external privacyIDEA node (see redundantant setups) that has other policies than the internal node(s).

Note: The poll-only (simplified push) smartphone app version is currently only available via github and has not officially been released.

…I don’t know, lol. I went back and read the blog post again and it says nothing about SMS. I’ve no clue why I made that connection…

Hello -

It appears that the PUSH token is only getting to our iPhones if the application (3.1.3) is closed. If it is open, nothing comes through even if the polling box is checked.



note the two rules:

  1. Firebase is not a reliable service. It has no contrallable quality of service. Sometimes it realls sucks.

  2. If the app is in foreground, there is no popup box! This is by design (of an underlying lib). You only get the buttons in the token list of the app!


It looks like there are some issues on iOS devices:

We are currently looking into it.